Several remote vulnerabilities have been discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2007-5707

Thomas Sesselmann discovered that slapd could be crashed by malformed modify requests.

CVE-2007-5708

Toby Blade discovered that incorrect memory handling in slapo-pcache could lead to denial of service through crafted search requests.

CVE-2007-6698

It was discovered that a programming error in the interface to the BDB storage backend could lead to denial of service through crafted modify requests.

CVE-2008-0658

It was discovered that a programming error in the interface to the BDB storage backend could lead to denial of service through crafted modrdn requests.

For the stable distribution (etch), these problems have been fixed in version 2.3.30-5+etch1.

For the unstable distribution (sid), these problems have been fixed in version 2.4.7-6.1.

We recommend that you upgrade your openldap2.3 packages.

Upgrade instructions
--------------------

wget url will fetch the file for you
dpkg -i file.deb will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below: